Re: Suggestion for sensitive online content from François Légaré on 2015-08-15 (public-privacy@w3.org from July to September 2015)

From: François Légaré <flegare@gmail.com>
Date: Fri, 14 Aug 2015 21:42:04 -0400
To: Brad Hill <hillbrad@fb.com>
Cc: Nick Doty <npdoty@w3.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <CAGhQHriJDj91JhURXUuQzqpMx+ABshw9h6rSC9XEW3ukcJ5YBA@mail.gmail.com>
Hi Brad,

Do you want me to post the suggestion there or you will do it?

Regards,

Francois


On Fri, Aug 14, 2015 at 1:10 PM, Brad Hill <hillbrad@fb.com> wrote:

> François,
>
>  I've definitely heard and have some interest of my own in similar
> functionality for different use cases like making sure that advertisements
> cannot make lasting changes to the browser state.  This is another
> interesting use case.
>
>   Can please raise it over on the WebAppSec list?
>
>   public-webappsec@w3.org
>
>  Thanks!
>
> Brad Hill
> Co-chair, WebAppSec WG
>
> From: Nick Doty
> Date: Thursday, August 13, 2015 at 1:56 PM
> To: François Légaré
> Cc: "public-privacy (W3C mailing list)"
> Subject: Re: Suggestion for sensitive online content
> Resent-From: <public-privacy@w3.org>
> Resent-Date: Thu, 13 Aug 2015 20:56:12 +0000
>
> Hi François,
>
> That's an interesting privacy problem and proposal. (I've changed the
> subject line, because I believe you're primarily talking about sensitive
> content, rather than sensible content.)
>
> Work has begun recently in the WebAppSec group on a mechanism (HTTP
> response header) for sites to clear all local content (like cookies and
> localStorage) for their origin, as a security and privacy measure:
> http://www.w3.org/TR/clear-site-data/
> <https://urldefense.proofpoint.com/v1/url?u=http://www.w3.org/TR/clear-site-data/&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=HU3cThGizwgsko8%2BWBMXZg%3D%3D%0A&m=BqHHzeeQlJjSH8M%2FVZ2i2W4N%2BgJhjW2yFAyTWC3qmeY%3D%0A&s=da5b23ec2320fecad80eae7153e31be8620af5562ea272f3e615c98d811211f8>
>
> I'm not sure they're specifically considering the use case of wanting to
> clear browser history for a potentially sensitive website, but it sounds
> not dissimilar from their set of goals, so it would be worth considering.
>
> The other existing technology that could be used would be declarative
> mechanisms for content selection, like PICS (deprecated) and POWDER:
> http://www.w3.org/2007/powder/
> <https://urldefense.proofpoint.com/v1/url?u=http://www.w3.org/2007/powder/&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=HU3cThGizwgsko8%2BWBMXZg%3D%3D%0A&m=BqHHzeeQlJjSH8M%2FVZ2i2W4N%2BgJhjW2yFAyTWC3qmeY%3D%0A&s=e1a56ab863bd5310a0b83f711f5b11a88c333f20c6fdea1e51d4c9ea01ec2d87>
>
> That would be an existing mechanism to declare a value like,
> "sensitive-anonymous", which supporting user agents could interpret as a
> sign that they should use private browsing mode (no local cache).
>
> It sounds like the site you're working with would be willing to spend the
> minor resources to implement this kind of flag. We would need to check
> whether prominent browser vendors are interested in implementing the
> client-side version.
>
> Hope this helps,
> Nick
>
> On Aug 12, 2015, at 10:42 AM, François Légaré <flegare@gmail.com> wrote:
>
> Hi
>
> I work for a big telecom company in Canada that currently give various
> sponsorship for mental health organisations. Part of the sponsorship is
> making sites and mobile applications to help individual get online help and
> access information and resources that are often sensible.
>
> One example is  http://www.kidshelpphone.ca/
> <https://urldefense.proofpoint.com/v1/url?u=http://www.kidshelpphone.ca/&k=ZVNjlDMF0FElm4dQtryO4A%3D%3D%0A&r=HU3cThGizwgsko8%2BWBMXZg%3D%3D%0A&m=BqHHzeeQlJjSH8M%2FVZ2i2W4N%2BgJhjW2yFAyTWC3qmeY%3D%0A&s=fd622e7d1f8405aac1bf7aa1d8e74fca02146d4ba5efb0cd6cbba7a77464c672> they
> provide anonymous phone line for kids that may have issue or problem in
> their family. This lead to a sensitive problem, a kid visiting this site
> need to know how to clean browsing history since a adult seeing the
> browsing history might challenge the kids about the visit and lead to more
> stress or bigger problems. They did explain on the site header how to flush
> history and train visitor about the anonymous tab, this isn't perfect at
> all, because it really entirely on the user actions and the assumption that
> he read and understood the section.
>
> Since not all internet user are tech savvy and are aware of the anonymous
> tabs, so my suggestion for the W3C would be the following:
>
> A head meta tag that could help define sensitivity level of the online
> html content. This tag once detected by the browser could apply various
> policy to increase anonymity and reduce potential problems, ideally default
> policies would implicitly insure higher privacy for the end users.
>
> For instance browser that detect the meta tag could automatically go in
> "anonymous mode" and don't track browsing history, remove cached content,
> etc. This will insure a more anonymous browsing experience for such site
> for users that are less aware of the already available privacy features.
> Content rating meta tag to some extends could be used but this is a bit
> far fetch but could be less involving since tags already exist.
>
> Of course I'm quite sure, site with adult content would also be like such
> features but this is not really the issue I'm trying to resolve at this
> point.
>
> According to some of the W3C members this is a valid place to submit this
> suggestion, I hope this will be well received.
>
> Regards,
>
> Francois
>
>
>
Received on Saturday, 15 August 2015 01:43:12 UTC